When testing Network Prevent for Web functionality, no incidents are reported for a small file posted to a cloud storage website. What should you modify to allow incidents to be generated?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Symantec Data Loss Prevention (DLP) Exam with targeted quizzes and detailed explanations. Boost your knowledge and confidence with our engaging study tools!

Multiple Choice

When testing Network Prevent for Web functionality, no incidents are reported for a small file posted to a cloud storage website. What should you modify to allow incidents to be generated?

Explanation:
When testing Network Prevent for Web functionality, the issue is caused by a size gate that filters out small requests before they are inspected. The setting that reads “Ignore requests Smaller Than” acts as a minimum size threshold: if a file is smaller than this value, it bypasses the inspection and cannot trigger an incident. Setting this threshold to a very small value, like 1, removes the gate so even tiny uploads are sent through to the DLP engine for evaluation, allowing incidents to be generated when the content matches a policy. Increasing the threshold would further reduce detections by ignoring even more content. Disabling Cloud Storage integration would stop scanning cloud storage traffic altogether, so no incidents would be generated from those sites. Enabling automatic incident creation would only affect whether an incident is created after a match is detected; it won’t help if nothing is detected in the first place due to the threshold.

When testing Network Prevent for Web functionality, the issue is caused by a size gate that filters out small requests before they are inspected. The setting that reads “Ignore requests Smaller Than” acts as a minimum size threshold: if a file is smaller than this value, it bypasses the inspection and cannot trigger an incident. Setting this threshold to a very small value, like 1, removes the gate so even tiny uploads are sent through to the DLP engine for evaluation, allowing incidents to be generated when the content matches a policy.

Increasing the threshold would further reduce detections by ignoring even more content. Disabling Cloud Storage integration would stop scanning cloud storage traffic altogether, so no incidents would be generated from those sites. Enabling automatic incident creation would only affect whether an incident is created after a match is detected; it won’t help if nothing is detected in the first place due to the threshold.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy